Re: [DNG] Key is expired
On 9/7/22 04:42, Peter Duffy wrote: > On Tue, 2022-09-06 at 11:33 -0600, Chris Dos wrote: >> I also had to manually delete the previous key in order for this to >> work: >> apt-key del "E032 601B 7CA1 0BC3 EA53 FA81 BB23 C00C 61FC 752C" >> > > I've not found that I needed to do the "apt-key del" step for it to > work - I just do the wget and then the dpkg. After that, all seems > fine. > > Did you find that you needed to delete the old key for the new one to > work? Yea I had to delete the key on the first three servers that I fixed so I just added that step to all my other servers as well. Not sure if they all needed it, but the first three did for sure. Chris ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] Key is expired
I also had to manually delete the previous key in order for this to work: apt-key del "E032 601B 7CA1 0BC3 EA53 FA81 BB23 C00C 61FC 752C" After that: wget http://deb.devuan.org/devuan/pool/main/d/devuan-keyring/devuan-keyring_2022.09.04_all.deb sudo dpkg -i devuan-keyring_2022.09.04_all.deb sudo apt update Just spent that last few hours updating all our Devuan servers. May want to put this information on the home page or something. Chris On 9/3/22 11:27, Ludovic Bellière via Dng wrote: > Hello list, > > In order to resolve the gpg key being outdated, the following steps needs to > be taken: > > wget > http://deb.devuan.org/devuan/pool/main/d/devuan-keyring/devuan-keyring_2022.09.04_all.deb > sudo dpkg devuan-keyring_2022.09.04_all.deb > sudo apt update > > Cheers, > Ludovic > > > On Sat, 03 Sep 2022, Elimar Riesebieter wrote: > >> >> Hi all, >> >> the signing key 'Devuan Repository (Amprolla3 on Nemesis)' is >> expired: >> >> W: GPG error: http://deb.devuan.org/merged stable InRelease: The following >> signatures were invalid: EXPKEYSIG BB23C00C61FC752C Devuan Repository >> (Amprolla3 on Nemesis) >> >> Elimar > > -- > ___ > Dng mailing list > Dng@lists.dyne.org > https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] Strange behaviour with last version of grub
On 3/9/21 9:22 AM, David Kuehling via Dng wrote: > I think we were bitten by this known Debian Bug: > > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925309 > > "Wrong prefix directory hardcoded in signed GRUB image" > > Signed grub assumes that the initial grub.cfg is in EFI/debian/grub.cfg > and not in wherever grub-install put it (usually EFI/devuan/grub.cfg or > EFI/BOOT/grub.cfg). > > You can verify this by entering "set" on the grub command line and > checking the default value of the "prefix" and "root" variables. > > Workaround for me is to manually enter > > configfile (hd2,gpt1)/EFI/devuan/grub.cfg > > every time I boot my machine. > > cheers, > > David I worked with fsmithred a year or so ago on this issue. I think the consensus was to make the system variable debian instead of devuan to fix this issue. I've been removing the signed image lately in order to keep my efi systems booting. Shouldn't grub be forked in order to fix this? Or perhaps remove grub-efi-amd64-signed from merged? Chris ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] Current state of VPN software ?
On 4/8/20 2:14 PM, Simon Hobson wrote: > It's been a while since I last did anything with VPNs on Linux, and I recall > there being 3 options, some of which were "less well supported" than others. > I'm looking to setup a site-site tunnel so I can remotely access stuff at > mum's (she's in isolation because of this Covid 19 stuff) and using remote > desktop control, connect her Mac to a video call. > > So what's the state of play in the VPN on Linux world - both ends would be > running Devuan (one end an AMD64 VM, the other end rPi) ? Last thing I used > was OpenVPN which AIUI is completely non-interoperable with anything else, > while FreeSwan and OpenSwan were having a bun fight. > > Simon > A little late, but I used to use a SSH script to create a full VPN connection between my laptop and work sites. I just created a script for each network I wanted to connect to. You'll need to set up SSH keys first though to the root user (or you can modify the script to use sudo on the remote end). Script I used to use: #!/bin/bash PATH="/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin" HOST=remotehost.somedomain.com REMOTETUNIP="172.16.200.2" LOCALTUNIP="172.16.200.1" REMOTENET="192.168.1.0" REMOTENETMASK="255.255.255.0" if [ "$1" != "start" -a "$1" != "stop" ] then echo "Syntax: $0 " exit 1 fi if [ "$1" = "start" ] then # Find next available local TUN device TUNNUMBER=0 FINDTUN="false" while [ "$FINDTUN" = "false" ] do ifconfig -a | grep -v tunl | grep tun$TUNNUMBER > /dev/null if [ "$?" != "1" ] then let TUNNUMBER=$TUNNUMBER+1 else FINDTUN="true" fi done sudo ssh -f -C -w any:any root@$HOST true ssh root@$HOST "ifconfig tun0 $REMOTETUNIP pointopoint $LOCALTUNIP" ssh root@$HOST "iptables -A INPUT -i tun+ -j ACCEPT" ssh root@$HOST "iptables -A FORWARD -i tun+ -j ACCEPT" ssh root@$HOST 'echo 1 > /proc/sys/net/ipv4/ip_forward' sleep 3 sudo ifconfig tun$TUNNUMBER $LOCALTUNIP pointopoint $REMOTETUNIP sudo route add -net $REMOTENET netmask $REMOTENETMASK gw $LOCALTUNIP tun$TUNNUMBER echo "Tunnel has been set up" fi if [ "$1" = "stop" ] then sudo kill `ps ax | grep "any:any root@$HOST true" | grep -v grep | cut -c 1-5` > /dev/null ssh root@$HOST 'kill `ps ax | grep "sshd: root@notty" | grep -v grep | cut -c 1-5`' ssh root@$HOST 'ifconfig tun0 down' fi I currently use OpenVPN tunnels, but oh my word, OpenVPN is a bear to get set up properly. Probably today, if I was going to do it again, WireGuard might be the next easiest solution other than using SSH. Chris ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] "Sloppy" backports
I would also like to see sloppy added as the latest ZFS packages are there. Chris On October 31, 2018 2:01:35 AM MDT, Joril wrote: >Hi everyone! > >I've just become aware of the existence of jessie-backports-sloppy :D >It >looks like this distribution is not available on Devuan's repository, >is >this an oversight or by design? > >Thanks for your time! >___ >Dng mailing list >Dng@lists.dyne.org >https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
[DNG] grub efi in ceres broken?
Anyone running Ceres and grub-efi-amd64? The latest version 2.02+dfsg1-8 boots to a grub prompt. I suspect it is the new grub-efi-amd64-signed package. Though I have not been able to figure out how to debug it. At the prompt I can give it the set root=(gpt,hd5) configfile /grub/grub.cfg And then the grub menu comes up and it will boot. Rolling back to 2.02~beta3-5 results in grub behaving normally. Chris ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] A lot of packages missing from repository
On 03/26/2016 02:37 PM, Mitt Green wrote: > Rob wrote: > >> Looking at http://packages.devuan.org/merged/pool/ >> there is nothing there, though >> http://packages.devuan.org/devuan/ is populated. > /merged/pool are unmodified Debian packages, > /devuan are Devuan's. > > There is insufficient signing (look up the thread > I started last week) in Ceres because Debian dropped > SHA1. > > Mitt Just wondering if there has been any movement in fixing the Ceres merged repository? http://packages.devuan.org/merged/pool/ Is there perhaps a workaround for this issue. I suppose I might be able to set up some kind of pinning to use Sid until the Merged repository is brought back online for Ceres. Chris ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [Dng] Systemd sneaks in was file download zone
On 06/11/2015 09:04 AM, Steve Litt wrote: Hi Clarke, First, from what I understand, the microsecond you get Devuan Alpha 2 installed, go into /etc/apt/sources.list and comment out the two from debian, leaving only the ones from devuan. I think that will help some. Third, what leads you to the conclusion that your system installed systemd? On my VM-hosted Alpha-2 with LXDE, I have a whole bunch of files and directories with systemd in their names, but I think it has nothing to do with my bootup. Just to mention I installed the netboot alpha2 i386 disc last Friday. Selected Expert and Ceres install. I only selected the SSH server and nothing else as I like to have as much of a bootstrapped system as I can. Systemd was installed at this time. After the installation was completed I purged systemd and installed sysvinit. Talking on the IRC, it seems that most of the work is being put into Jessie and Ascii and Ceres are later. Chris ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng